ARE THE INDUSTRIAL CONTROL SYSTEMS OF YOUR COMPANY SECURE AND PROTECTED FROM CYBER ATTACKS?
We develop Industrial Cyber Security assessments for industrial control systems and carry out tests with attainable results.
One never really knows how effective a security system is until it is tested. Automation is growing significantly, and integration between the IT world and the OT world is increasing every day, with a huge amount of data flowing from OT to IT and vice versa.
We are sure that product safety cannot be guaranteed in the future without proper protection from industrial cyber-attacks.
This means that PLCs, HMIs, SCADA systems and every other industrial device have to be protected from cyber-attacks.
We develop and apply the entire Industrial Cyber Security lifecycle for the protection of Industrial Automation Control Systems (IACS). Protecting critical infrastructures and key resources is essential to safety and productivity, and fundamental for the protection of an IACS.
Our team includes certified personnel in compliance with the following relevant international standards:
- ISA99/IEC62443 Cyber Security Fundamentals Specialist
- ISA99/IEC62443 Cyber Security Risk Assessment Specialist
The Systematic Approach
We provide a modular and complete range of services within the entire IACS security lifecycle in compliance with the requirements of IEC 62443 standards, in order to implement a Cyber Security Management System (CSMS).
A CSMS is divided into three main phases:
- ASSESS PHASE
- IMPLEMENT PHASE
- MAINTAIN PHASE
Each phase is characterized by specific actions.
IACS Security Lifecycle
ASSESS PHASE > RISK ASSESSMENT
The Risk Assessment is the starting point for gauging the actual extent of the cyber risk associated with a system or plant. This service can be provided at both levels of detail set out by the IEC 62443 standard.
We carry out a high-level risk assessment in order to assess, at a macroscopic level, the consequences of a cyber-attack, and thereby assign priorities to interventions and divide future analyses according to the criticality of a specific machine or part of the production process.
The second, low-level risk assessment is performed to learn more about which threats affect the system.
This risk assessment takes into consideration a number of factors, such as which vulnerabilities are already known and how complex they are, which countermeasures and procedures have been implemented in the past, and whether operating procedures already exist for correctly managing the human factor, which is often the main vehicle of cyber-attacks.
We develop high-level and low-level assessments in a customized way for each plant or machinery composing the IACS to be assessed, in order to document what the actual threats are for a specific system. In doing so we also define a priority matrix in order to support the customer in the implementation of all necessary countermeasures in a systematic and timely manner, with a consequent advantage even in financial terms.
ASSESS PHASE > VULNERABILITY ASSESSMENT
Before proceeding with the definition of any countermeasures, it is necessary to analyze the system in question in depth.
The primary purpose of the vulnerability assessment is to determine the extent and composition of the system and, consequently, all existing vulnerabilities, including how attractive they are as targets of a potential attack.
In addition to the analysis of the human factor, the vulnerability assessment may also include, depending on the composition of the IACS in question, passive/active scans, as well as protocol/packet analyses.
Apart from defining the potential attack vectors located in the infrastructure in question, the vulnerability assessment also makes it possible to identify the priorities for intervention, taking into consideration their actual feasibility and the related consequences in case of a cyber-attack.
ASSESS PHASE > PENETRATION TESTS
Penetration Tests make it possible to test the resilience of IACS data to a potential cyber-attack conducted by exploiting existing vulnerabilities, whether they are known or less known.
We carry out penetration tests using all three testing approaches: white, grey and black box.
We use several specific methods and tools for industrial automation systems.
If a vulnerability assessment has already been performed by H-ON Consulting, the Penetration Test activity will be defined in a detailed plan that takes into consideration the relevance and criticality of each previously assessed vulnerability, in order to provide an exact specification of the actual threats affecting the system.
ASSESS PHASE > THREAT MODELING
Performed according to established schemes, Threat Modelling is used to analyze the security of firmware, an application or, more generally, application software.
It is a structured approach which makes it possible to identify, quantify and manage the security risks associated with a specific application.
Threat Modelling is not an approach to security code review; rather, it complements the security code review process.
Threat Modelling aims at providing the minimum information needed to specify countermeasures and any mitigation measures.
A lack of protection against a threat may indicate a vulnerability and a consequent risk exposure which may be mitigated by implementing an appropriate countermeasure.
We provide Threat Modelling for all types of software and firmware in automation system components, including tests on application software.
ASSESS PHASE > SECURITY LEVEL ALLOCATION (SL-T)
One of the results that can be obtained from vulnerability assessments and the related Penetration Tests is the drafting of minimum Cyber Security requirements, which any new installation or modification to existing plants must comply with so as not to alter, or to establish from scratch, the minimum security level expected.
In line with IEC 62443 standards, we provide the SL Allocation service, supporting our customers with the drafting of technical specifications. These will later be incorporated into the purchase specifications in order to make sure that the supply complies with the required security standards.
IMPLEMENT PHASE > DEFENCE STRATEGY
We support our customers and system integrators in order to define, from the results of the Assess Phase, which countermeasures have to be implemented in a systematic and timely manner for each of the relevant vulnerabilities.
The defense strategy is established taking into consideration the main features of the IACS system in question.
We help our customers define a series of specific and potentially feasible solutions to protect their systems, whether in case of newly implemented systems or interventions on decades-old plants.
We provide support with the drafting of technical specifications which include minimum Cyber Security requirements.
IMPLEMENT PHASE > CYBER SECURITY MANAGEMENT SYSTEM
In line with the requirements of IEC 62443 standards, we work side by side with our customers during the implementation of the Cyber Security Management System (CSMS).
We define specific policies and procedures for the management and operation of plants with the aim of providing protection against cyber threats that may affect a specific IACS.
Our support also includes the drafting of all staff training documents for the correct management of machinery and plants, in order to minimize the likelihood of plants being affected by cyber-attacks caused by the human factor.
We also carry out incident-recovery procedures for any critical infrastructures which are likely to be affected by a cyber-attack, even remotely.
IMPLEMENT PHASE > SECURITY LEVEL VERIFICATION (SL-c and SL-r)
When a system is built in compliance with Cyber Security requirements, it must comply with one of the four security levels (SL) defined by the IEC 62443 standard.
We provide a specific consulting service aimed at assessing and verifying that a system, component or program is compliant with a required SL.
In doing so we examine all required development phases by analyzing and performing tests on the object in question, in order to ensure the actual compliance with the minimum requirements defined by the IEC 62443 standards.
MAINTAIN PHASE > AUDITING
Cyber Security is based on specific protection methods for specific threats and vulnerabilities which are in continuous evolution and expansion.
This means that a system that is secure now may not be so in the future because of new threats and vulnerabilities which may affect it.
In order to support our customers in maintaining the security level over time, we carry out periodic audits aimed at assessing, for each specific IACS, the actual compliance with the Cyber Security procedures defined by the CSMS, and whether there are new vulnerabilities or threats that may compromise the system.
MAINTAIN PHASE > FOLLOW-UP
The results of auditing activities are tracked and managed in order to trigger all the activities needed to restore, following changes to IACSs, all levels and defensive features of the system, with the aim of complying with the established overall security level.
The follow-up is a plan aimed at establishing which activities of the whole security lifecycle have to be repeated, even partially, in order to restore the initial Cyber Security level until the following verification.